[Javascript] Is this form control by Javascript

David Lovering dlovering at gazos.com
Sun May 1 13:55:08 CDT 2005 

I might add that a lot of "e-commerce" sites are now moving to 3-tier 
validation, namely

I.    While the entry is being typed in (thereby catching and correcting 
gotcha's during initial input)

II.    Again, prior to handing off as a "submit" posting to the server, 
(usually in an encrypted stream using a one-time session key)

III.    Once more when the server receives the encrypted session variables 
being passed, and verifies the authenticity of the key.

The last stage is where it usually runs the sums of all the prices, etc. to 
make sure that all the values are in fact not only grammatically and 
syntactically correct, but that the numbers "work" in the context of the 
order (or whatever).

Some of this stuff is coming out of Sarbanes-Oxley, some out of HIPPA (C), 
and some out of the new ISO standards for electronic transaction servicing. 
What is optional today may be required tomorrow, so I'd get on board with 
these methods as soon as time permits.

If you don't, the bad-guys will eat you for lunch!

-- Dave Lovering

----- Original Message ----- 
From: "tee" <forweb at comcast.net>
To: "[JavaScript List]" <javascript at LaTech.edu>
Sent: Sunday, May 01, 2005 8:41 AM
Subject: Re: [Javascript] Is this form control by Javascript


> Hi Roger, thanks for the reply. May I see some of your work? Thanks!
>
> tee
>>
>
>>
>> For security reasons, you must do the calculations on the server, in
>> your case, as part of the cgi.  It is easy to write the calculations in
>> javascript, but it is even easier to 'submit' the form with a price
>> that is more in my favor :-).
>>
>> If you want to do it on the form _and_ in the cgi, let us know.  The
>> critical factor is how to make the pricing info available to both
>> javascript and the cgi.  If they come up with different answers, your
>> customer will be very unhappy!
>>
>>
>> Roger,
>>
>> Roger Roelofs
>> Datacomp Appraisal Services
>>
>> _______________________________________________
>> Javascript mailing list
>> Javascript at LaTech.edu
>> https://lists.LaTech.edu/mailman/listinfo/javascript
>
> _______________________________________________
> Javascript mailing list
> Javascript at LaTech.edu
> https://lists.LaTech.edu/mailman/listinfo/javascript
>

More information about the Javascript mailing list